Published in · 5 min read · Oct 10, 2023
--
The main aim of writing this blog is to get you all familiar with basic google dorks and their use cases.
In the last blog, we learned the basics of Google Dorking like what are google dorks, how they works, why we should use them and what information we can find from them. If you haven’t read that, go read that using below link.
Introduction to Google Dorking | Day12 of 30DaysOfOSINT
How to use Google Dorks?
Its simple, go to google, write your dork as per the information you need and search. Let’s learn this with a example.
Assume i wanted to find a free ebook for learning python, so what would i be doing? if i would directly search free python book, their would be a lot of results and many of the search results won’t actually be having any ebook to download instead they will keep confusing and showing you ads. So, the best way here is to use google dork.
I would firstly be applying the dork: filetype , this would filter out all the webpages which were having files of the format i search. So, i entered the dork, filetype:pdf as i want the book to be in pdf format. Now, i want to filter out that the book is freely availiable, so i would add one more dork in query, “free python ebook” filetype:pdf , so that’s it.
Now, let’s understand some of the basic google dorks which are listed as below -
- Google Dork — “specified_phrase or statement”
Used for -shows only those pages that contains exact word or statement
Example — ”Is hacking illegal” - Google Dork — site:
Used for — removes search results from all other websites except the mentioned one
Example — site:amazon.com smartwatches - Google Dork — inurl:specified_phrase
Used for — shows only those search results which contains the specified word in url
Example — inurl:ethical hacking - Google Dork — inurl:word1 word2
Used for — shows search results that contain either of the word or both
Example — inurl:hacking programming - Google Dork — allinurl:word1 word2
Used for — shows the search results that contain both of the words
Example — allinurl:hacking programming - Google Dork — intitle:word1 word2
Used for — shows those search results that mention word in their title and mention the word “word” anywhere in the document
Example — intitle:hacking networking - Google Dork — cache:
Used for — shows the website homepage even if website is down
Example — cache:netflix.com - Google Dork — intext:word1
Used for — shows only those pages containing that specific word (or words) somewhere in the context
Example — intext:bug hunting - Google Dork — allintext:word1 word2
Used for — only shows pages containing those words somewhere in the context
Example — allintext:hacking networking - Google Dork — intitle:”index of”
Used for — shows open ftp servers
Example — intitle:”index of spiderman movie” - Google Dork — inurl:view/index.shtml
Used for — shows live cameras that don’t have any protection
Example — inurl:view/index.shtml - Google Dork — filetype:pdf/doc/ppt specified_phrase
Used for — shows only pages that contains the document of that type and contains specific word in file name
Example — filetype:pdf ethical hacking
Note — Only one filetype can be searched at one time, the intention of writing filetype:pdf/doc/ppt was that you should be searching any one of these. - Google Dork — +(plus symbol)
Used for — shows only those pages that must contain that specific word
Example — ethical hacking + free course - Google Dork — -(minus symbol)
Used for — shows only those pages that must contain that specific word
Example — ethical hacking + free course
These are the basic dorks that you should remember and have always in mind in order to save your time while doing any work may personal or professional.
Now let’s learn about some dorks that are important to know if you are learning or working in cybersecurity.
Special Collection for Cybersecurity Learners
- Dork — intitle:”index of”
Used for —shows open ftp servers - Dork — cache:
Used for —shows the website homepage even if website is down - Dork — inurl:view/index.shtml
Used for —shows live cameras that don’t have any protection - Dork — login: password filetype:xls
Used for — shows password list of some random websites - Dork —allintext:username filetype:log
Used for —shows log files of random websites - Dork — inurl:/proc/self/cwd
Used for —used to detect vulnerable or hacked servers - Dork — intitle:”index of” inurl:ftp
Used for —shows open ftp servers - Dork — filetype:xls inurl:”email.xls"
Used for —used to find database of emails - Dork — intitle:”Index of” wp-admin
Used for —used to find wordpress login page of random websites
If you want to know about some more google dorks used in cybersecurity, then we suggest you explore Google Hacking Database.
One another amazing resource is our Github Repo which we keep updating after few months regularly, star the repo so you don’t loose the link.
Now, what if our information has been leaked on Google ?
You can take the following safety measures to protect your information from being disclosed by google dorks -
- Protect pages that contain sensitive information via username and password.
- Run regular dork queries against your website to discover the sensitive information.
- Request removal of sensitive information if found via google search console
https://support.google.com/webmasters/answer/9689846?hl=en&visit_id=637871614748203924-38706967&rd=1 - Block sensitive content by using a robots.txt file located in your root-level website directory.
What is a search query?
anything that you type and search for in google is called google search query.
Can i use more than one google dork in a single search result ?
Absolutely yes , you can use n number of google dorks in a single google search.
Does their exist dorks for other search engines ?
Yes, their exist dorks for yahoo,bing,github and for many other platforms too.
Can i use these google dorks on any other platform too like yahoo,gihhub,etc or not ?
You can try but as we know every search engine has its own unique algorithm and shows results according to that, so it is better to use dorks made especially for that platform.
Is using google dorks illegal ?
NO, using google dork is legal but misusing the information gathered by google dorks for wrong purpose or for bad intentions is illegal.
So, that’s it for this blog, clap and drop a response if you liked this and also drop a comment if you want a detailed video on Google Dorking on our youtube channel.
If i missed something, let me know, so we can cover that topic or point in upcoming blogs.
Become an early member of our Store at Gumroad and get all our products at a discounted price once they are released.
Store Link — https://store.osintambition.org/
Thanks for reading this blog.
Support our work by doing a small donation on ButMeACoffee or Ko-fi
Follow out amazing writer Dheeraj Yadav on Twitter.
Don’t forgot to follow @OSINTAmbition on Twitter for staying ahead and updated in the OSINT community.